Netgate Discussion Forum

    Strange firewall behavior

    • Brutal

      Have strange behavior going on.  After playing with this, frankly I'm stumped.

      Network setup.  All routers pfSense.  2 sites.  Site A has 1 router/1 WAN (Router A).  Site B has 2 routers/2 WAN (1 each) (Router B & C)

      Router A 192.168.1.1/24
      Router B 10.0.0.1/24
      Router C 10.0.0.3/24

      Router A has an IPsec VPN to Router B.  Set to pass entire /24 network.

      I have one server whose default gateway is Router C.  I have Router C programmed with a gateway to Router B (10.0.0.1).  Also with a route for 192.168.1.0/24 to go to gateway/Router B.

      On Router C, I have a standard LAN Firewall rule allow any any.

      The strange part is I have firewall logs showing blocked traffic from 10.0.0.101 to 192.168.1.200.

      Shouldn't the standard LAN rule allow the traffic, and shouldn't the route send that traffic over to Router B?  Why the log entry?

      • Cry Havok

        Router B and C both have the same LAN subnet - unless you know exactly what you're doing that will cause you problems, and may be the cause of the problems you're seeing.

        • Brutal

          I'm sure it's something simple I'm missing.

          I even changed the gateway within the firewall rule itself and was still getting deny logs.  Arg!!!!
